TWI672634B - Basic Input/Output System (BIOS) Security Technique - Google Patents

Basic Input/Output System (BIOS) Security Technique

Info

Publication number
TWI672634B
Authority
TW
Taiwan
Prior art keywords
bios
variables
saved
active
update
Prior art date
Application number
TW106115984A
Other languages
English (en)
Chinese (zh)
Other versions
TW201820130A (zh)
Inventor
Maugan Villatel
Boris Balacheff
David Plaquin
Vali Ali
Jeffrey Kevin Jeansonne
Original Assignee
Hewlett-Packard Development Company, L.P.
Priority date
Filing date
Publication date
Application filed by Hewlett-Packard Development Company, L.P.
Publication of TW201820130A
Application granted
Publication of TWI672634B

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F 21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F 21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F 21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F 21/575 Secure boot
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F 21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F 21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F 21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F 21/572 Secure firmware programming, e.g. of basic input output system [BIOS]
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F 9/00 Arrangements for program control, e.g. control units
    • G06F 9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F 9/44 Arrangements for executing specific programs
    • G06F 9/4401 Bootstrapping

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Stored Programmes (AREA)
TW106115984A 2016-10-21 2017-05-15 Basic Input/Output System (BIOS) Security Technique TWI672634B (zh)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
PCT/US16/58047 2016-10-21
PCT/US2016/058047 WO2018075057A1 (en) 2016-10-21 2016-10-21 Bios security

Publications (2)

Publication Number Publication Date
TW201820130A TW201820130A (zh) 2018-06-01
TWI672634B true TWI672634B (zh) 2019-09-21

Family

ID=62018732

Family Applications (1)

Application Number Title Priority Date Filing Date
TW106115984A TWI672634B (zh) 2016-10-21 2017-05-15 Basic Input/Output System (BIOS) Security Technique

Country Status (5)

Country Link
US (1) US10803176B2 (de)
EP (1) EP3485416B1 (de)
CN (1) CN109804378A (de)
TW (1) TWI672634B (de)
WO (1) WO2018075057A1 (de)

Families Citing this family (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20210081117A1 (en) * 2018-06-07 2021-03-18 Hewlett-Packard Development Company, L.P. Non-volatile memory protections
TWI736074B (zh) * 2019-12-20 2021-08-11 Realtek Semiconductor Corp. Peripheral device and verification update method thereof
US11347519B2 (en) * 2020-05-27 2022-05-31 Dell Products L.P. Systems and methods for detecting short-term changes to BIOS setup
US12001827B2 (en) * 2020-07-27 2024-06-04 Dell Products L.P System and method for system-wide firmware downgrade control
CN113127844A (zh) * 2021-03-24 2021-07-16 Shandong Yingxin Computer Technology Co., Ltd. Variable access method, apparatus, system, device, and medium
TWI789142B (zh) * 2021-12-03 2023-01-01 Nuvoton Technology Corp. Controller, computer device, and BIOS recovery backup method
US20230418590A1 (en) * 2022-06-22 2023-12-28 Hewlett-Packard Development Company, L.P. Instruction updates

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7293169B1 (en) * 2003-02-26 2007-11-06 American Megatrends, Inc. Methods and systems for remotely updating the firmware of multiple computers over a distributed network
US20130151848A1 (en) * 2011-12-12 2013-06-13 Microsoft Corporation Cryptographic certification of secure hosted execution environments
US20150089209A1 (en) * 2013-09-25 2015-03-26 Cisco Technology, Inc. Synchronization of UEFI Secure Boot Variables on a Managed Server
US20150222604A1 (en) * 2011-12-21 2015-08-06 Ssh Communications Security Oyj Automated Access, Key, Certificate, and Credential Management

Family Cites Families (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7143275B2 (en) * 2002-08-01 2006-11-28 Hewlett-Packard Development Company, L.P. System firmware back-up using a BIOS-accessible pre-boot partition
US9026771B2 (en) * 2007-04-27 2015-05-05 Hewlett-Packard Development Company, L.P. Secure computer system update
US8296579B2 (en) * 2009-11-06 2012-10-23 Hewlett-Packard Development Company, L.P. System and method for updating a basic input/output system (BIOS)
CN103329093B (zh) * 2011-01-19 2017-09-12 International Business Machines Corp. Method and system for updating code in an execution environment
TWI607376B (zh) * 2011-04-08 2017-12-01 Insyde Software Corp. System and method for handling requests to change the system security database and firmware storage area in a Unified Extensible Firmware Interface computing device
US8904162B2 (en) * 2012-08-01 2014-12-02 Intel Corporation Methods and apparatus for performing secure BIOS upgrade
WO2014051622A1 (en) * 2012-09-28 2014-04-03 Hewlett-Packard Development Company, L.P. Selectable graphics controllers to display output
US20140189336A1 (en) * 2012-12-28 2014-07-03 Miguel Ballesteros Methods and apparatus to support authenticated variables
US9660807B2 (en) * 2013-09-20 2017-05-23 Insyde Software Corp. System and method for verifying changes to UEFI authenticated variables
JP6054908B2 (ja) 2014-05-22 2016-12-27 Lenovo (Singapore) Pte. Ltd. Method for repairing a variable set, computer program, and computer
US9785801B2 (en) * 2014-06-27 2017-10-10 Intel Corporation Management of authenticated variables

Also Published As

Publication number Publication date
EP3485416A1 (de) 2019-05-22
WO2018075057A1 (en) 2018-04-26
EP3485416B1 (de) 2020-11-25
US10803176B2 (en) 2020-10-13
CN109804378A (zh) 2019-05-24
US20190087582A1 (en) 2019-03-21
TW201820130A (zh) 2018-06-01
EP3485416A4 (de) 2020-01-29

Similar Documents

Publication Publication Date Title
TWI672634B (zh) Basic Input/Output System (BIOS) Security Technique
US11520894B2 (en) Verifying controller code
US9880908B2 (en) Recovering from compromised system boot code
US10740468B2 (en) Multiple roots of trust to verify integrity
EP3028147B1 (de) Updating a boot code
US9870474B2 (en) Detection of secure variable alteration in a computing device equipped with unified extensible firmware interface (UEFI)-compliant firmware
US8490189B2 (en) Using chipset-based protected firmware for host software tamper detection and protection
US8028172B2 (en) Systems and methods for updating a secure boot process on a computer with a hardware security module
US7921461B1 (en) System and method for rootkit detection and cure
EP2989547B1 (de) Repair of corrupted system data in a non-volatile memory
US9813443B1 (en) Systems and methods for remediating the effects of malware
WO2013067486A1 (en) Secure boot administration in a unified extensible firmware interface (uefi)- compliant computing device
US11599426B2 (en) Recovery via backups of recovery information
US11204776B2 (en) Apparatus and method for booting virtual machines
WO2015065513A1 (en) Systems and methods for updating system-level services within read-only system images
US9448888B2 (en) Preventing a rollback attack in a computing system that includes a primary memory bank and a backup memory bank
US20200143058A1 (en) Operational verification
US20240028736A1 (en) Validation and recovery of operating system boot files during os installation and runtime for uefi secure boot systems
CN115878122A (zh) Corruption determination for data items used by a build server

Legal Events

Date Code Title Description
MM4A Annulment or lapse of patent due to non-payment of fees